On the 4/7/2011 Virtualization Security Podcast, we were joined by Wyatt Starnes of Harris Corporation. Wyatt is the Vice President of Advanced Concepts of Cyber Integrated Solutions at Harris. What this means, is that Wyatt is one of the key folks of the Harris Trusted Cloud initiative. Trust is a funny word, and we have written about that in the past.
Harris’ approach is unique in that they are attempting to ensure integrity of all components of the cloud down to the code level, not just the network with their target being the hosted private cloud and NOT the secure multi-tenant public cloud.
Granted their approach could be used for a Secure Multi-Tenant Public Cloud, and I feel will be required for such a cloud to exist. So what is their approach? It all starts with a company Harris bought a while back: SignaCert which is a different approach to what Tripwire does today (as Wyatt Starnes was an original founder of Tripwire). SignaCert has an ever growing database of software signatures. The software signature gathering component and process becomes part of the supply chain for all components into the Harris Trusted Cloud. These components include signatures for routers, switches, operating systems, and applications which are generated as close to the software release process as possible.